tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ognjen Blagojevic <ognjen.d.blagoje...@gmail.com>
Subject Re: Tomcat 6 SSL issue
Date Thu, 16 Oct 2014 20:29:17 GMT
Baran,

On 16.10.2014 19:20, Baran Topal wrote:
> I did the new CSR with the new private key.

Ok.


> "You could also add protocol attribute to force JSSE connector (BIO or
> NIO), to prevent connector auto-selection."
> 1) What is the protocol attribute and where to add it?

To your Connector configuration:

http://tomcat.apache.org/tomcat-6.0-doc/config/http.html


> 2) I think those old cer and crt is not applicable anymore. Correct?

If you generated new key pair, and got new certificate, then yes, old 
certificates may be discarded.


> 3) So, what is the fundamental difference in cer and crt? I received cer as
> my friend told me it's the intermediate one, whereas crt is not.

File extensions are not completly standardized. So I cannot tell what do 
those files contains. You should be able to open them and check it out 
for yourself. They usually contains certificates in Base64 or binary format.


> 4) What would be aliases for cer and crt? Any alias is fine? or it must
> match with the alias for private key?

I am not completely sure what exactly is your question.

Any alias is fine for Tomcat JSSE connectors, but it must match the name 
from server.xml.

When importing certificate reply into the Java keystore, you should take 
care that you import it with the same alias the key pair is generated.

-Ognjen

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message